Vodafone publishes submission to the Joint Committee of the proposed Investigatory Powers Bill
The "snoopers charter" as it has been dubbed by the media, is a proposed bill that would legislate investigatory powers to the security forces, bestowing upon them considerable powers to monitor, intercept and review your communications data.
Speaking on the growing challenges facing crime reduction, the Home Secretary, Rt Hon Theresa May MP explained "Communications technologies that cross communications platforms and international borders increasingly allow those who would do us harm the opportunity to evade detection. . . Powers to intercept communications, acquire communications data and interfere with equipment are essential to tackle child sexual exploitation, to dismantle serious crime cartels, take drugs and guns off our streets and prevent terrorist attacks"
The bill, which was presented last year, has come against some strong criticism from the industry and even domestic security agencies in the UK. Inviting interested parties to present submissions on the bill, several have highlighted issues with the way the bill would be executed and what It would mean for public privacy rights.
To facilitate these requirements communications data, i.e the 'who', 'where', 'when', 'how' and 'with whom' of a communication but not what was written or said, is to be kept for 12 months by the communications suppliers. It is also proposed that communications providers would be obliged to maintain "permanent capabilities" to intercept and collect the data that is passing through their networks.
With the burden appearing to fall very heavily on the communications supplier, it has left Vodafone amongst others, arguing "that a balance needs to be struck between protecting the UK from terrorists and criminals whilst ensuring the vast majority of law-abiding members of society have the right for their private information to be protected."
Whilst the bill is debatable as it stands this also presents a technological issue with encrypted end-to-end services such as Whatsapp, Facebook and Apple messages. Currently communications providers such as Vodafone only transmit the encrypted package across their network, with no inclination or means to be able to see the data contained. Although it is proposed that the burden of responsibility be placed upon the communications providers, they technically are unable to provide the information leading to Vodafone requesting
"Communications data should be collected and provided to Law Enforcement agencies by those companies best placed to do so, whether they are based in the UK or not; in particular third party data, such as app-based messaging, should be retained by the provider of the service in question"
Apple has already weighed in on the public debate surrounding the Investigative Powers Bill with their own submission to the committee, arguing that due to the nature of encryption it would be impossible to create a backdoor that could not only be used by the Government to access every iPhone, but ultimately by nefarious individuals summarizing "A key left under the doormat would not just be there for the good guys. The bad guys would find it too."
A sentiment echoed by the information commissioner's office who felt there would be "detrimental consequences to the security of data and safeguards which are essential to the public's continued confidence in the handling and use of their personal information".
For final consideration, due to the international nature of these end-to-end encryption services, and their global distribution it would not only be the UK Government that would be able to access the data, making the legislation of international importance despite its remit only being domestic. As Apple explained "the same weaknesses could be used by governments and other bodies across the world, including in areas with much lesser safeguards or less strong human rights records."